Cisco Small Business Pro SA 520W Administration Manual page 158

Small business pro sa 500 series security appliances

Hide thumbs Also See for Small Business Pro SA 520W:

Administration manual (240 pages)

Administration manual (244 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

Table of Contents

Configuring VPN

Advanced Configuration of IPSec VPN

NOTE

STEP 1

STEP 2

STEP 3

Cisco SA 500 Series Security Appliances Administration Guide

The VPN Wizard is the recommended method to create the corresponding IKE and

VPN policies for a VPN tunnel. After the Wizard creates the matching IKE and VPN

policies, you can make changes, as needed. Advanced users can create an IKE

policy from Add but must be sure to use compatible encryption, authentication, and

key-group parameters for the VPN policy.

Click VPN on the menu bar, and then click IPSec > IKE Policies in the navigation

tree. The existing entries appear in the List of IKE Policies table.

The IKE Policies page appears. Any existing policies are listed in the List of IKE

Policies table.

Click Edit to edit an entry.

Other options: Click Add to add an entry. To delete an entry, check the box, and

then click Delete. To select all entries, check the box in the first column of the table

heading.

After you click Add or Edit, the IKE Policy Configuration page appears.

In the General area, enter the following information:

•

Policy Name: Enter a unique name for identification and management

purposes.

•

Direction/Type: Choose one of the following options:

Initiator: The security appliance initiates the connection to the remote

end.

Responder: The security appliance waits passively and responds to

remote IKE requests.

Both: The security appliance works in either Initiator or Responder mode.

•

Exchange Mode: Choose one of the following options:

Main Mode: Choose this option if you want higher security, but with a

slower connection. Main Mode relies upon two-way key exchanges

between the initiator and the receiver. The key-exchange process slows

down the connection but increases security.

Aggressive Mode: Choose this option if you want a faster connection,

but with lowered security. In Aggressive Mode there are fewer key

exchanges between the initiator and the receiver. Both sides exchange

information even before there is a secure channel. This feature creates a

faster connection but with less security than Main Mode.

158

Table of Contents

Show Quick Links

Quick Links:
Installation
Getting Started with the Configuration Utility
Connecting to the Configuration Utility

Hide quick links:

Table of Contents

This manual is also suitable for:

Small business pro sa 540 Small business pro sa 520

Cisco Small Business Pro SA 520W Administration Manual page 158

Hide quick links:

Related Manuals for Cisco Small Business Pro SA 520W

Related Products for Cisco Small Business Pro SA 520W

This manual is also suitable for:

Table of Contents